Protecode's Proactive Open Source Scanning Solutions Help Organizations Mitigate Security Threats and Vulnerabilities
Building 94, 3701 Carling Avenue
Press release date: April 15, 2014
OTTAWA, CANADA – Protecode, a leading provider of open source management solutions, today confirmed that users of its open source scanning products have been able to detect, flag and quickly respond to risks posed by security vulnerabilities against Heartbleed and certain versions of OpenSSL packages.
Protecode products detect and report on open source security vulnerabilities within an organization's code portfolio and can help organizations mitigate damage from security threats. With its open source information-mining processes monitoring the National Vulnerability Database (NVD), Protecode's reference Global IP Signatures (GIPS) database was automatically updated to reflect the security vulnerabilities against certain versions of OpenSSL package. Users of Protecode's publicly-accessible GIPS database do not need to take action, as their information has been updated automatically. For Protecode clients that utilize the GIPS database within their enterprise networks, the new data is now available for download.
"Protecode takes security vulnerabilities very seriously - that's why we have built a set of tools that allow us to detect new vulnerabilities, such as those relevant to Heartbleed, and make them available to our customers as quickly as possible," said Normand Glaude, COO, Protecode.
Protecode recommends that users of its open source scanning solutions mark packages in their portfolio including the OpenSSL package for autonomous security vulnerability updates so they are automatically notified if new vulnerabilities are reported by NVD.
Internally, Protecode operations have already updated all global servers with the latest patched versions and confirmed that no leaks or threats were discovered.
Protecode provides products and services for managing open source software licenses. Protecode solutions enable accurate and fast code scanning in real-time and on-demand, delivering policy-based reports on obligations and security vulnerabilities in code portfolios. Built for ease-of-use, integration and minimal intrusion into existing development processes, Protecode products have been deployed in hundreds of organizations worldwide, from few developers to multinational organizations with more than 100,000 employees. Protecode is headquartered in Ottawa, Canada with partners worldwide. For more information, visit www.protecode.com.